<%-- 
    Document   : viewMore
    Created on : Mar 8, 2012, 12:42:31 AM
    Author     : 013v
--%>
<%@page import="Model.ProductManager"%>
<%@page import="Model.Product"%>
<%@page import="Model.ReviewManager"%>
<%@page import="java.sql.ResultSet"%>
<%
    String loginAttempt = request.getParameter("loginAttempt");
    if (loginAttempt != null) {
        boolean isValid = true;

        if (loginAttempt.indexOf("<") > -1) {
            isValid = false;
        } else if (loginAttempt.indexOf(">") > -1) {
            isValid = false;
        } else if (loginAttempt.indexOf("\"") > -1) {
            isValid = false;
        } else if (loginAttempt.indexOf("/") > -1) {
            isValid = false;
        } else if (loginAttempt.indexOf(":") > -1) {
            isValid = false;
        } else if (loginAttempt.indexOf(";") > -1) {
            isValid = false;
        } else if (loginAttempt.indexOf("=") > -1) {
            isValid = false;
        } else if (loginAttempt.indexOf("|") > -1) {
            isValid = false;
        }

        if (isValid == false) {
            loginAttempt = null;
        }
    }
%>
<%@page contentType="text/html" pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <link rel="stylesheet" href="css/foo.css" type="text/css"/>
        <link rel="stylesheet" type="text/css" href="css/superfish.css" media="screen">	
        <title>Foobar</title>
        <script type="text/javascript" src="js/jquery-1.7.1.min.js"></script>
        <script type="text/javascript" src="js/hoverIntent.js"></script>
        <script type="text/javascript" src="js/superfish.js"></script>
        <script type="text/javascript" src="js/LoginValidation.js"></script>
        <script type="text/javascript" src="js/ReviewValidation.js"></script>
        <script type="text/javascript" src="js/SearchValidation.js"></script>
        <script type="text/javascript">
            function poscom(str)
            {   
                var search = document.getElementById("postArea").value;
                var isValid = 1;
                var and = "AND";
                var or = "OR";
    
    
                if(search.indexOf("<") > -1)
                    isValid = 0;
                else if(search.indexOf(">") > -1)
                    isValid = 0;
                else if(search.indexOf("\"") > -1)
                    isValid = 0;
                else if(search.indexOf("/")> -1)
                    isValid = 0;
                else if(search.indexOf("=") > -1)
                    isValid = 0;
                else if(search.indexOf("|") > -1)
                    isValid = 0;

    
                if(isValid == 1){
                    if (window.XMLHttpRequest)
                    {// code for IE7+, Firefox, Chrome, Opera, Safari
                        xmlhttp=new XMLHttpRequest();
                    }
                    else
                    {// code for IE6, IE5
                        xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
                    }
                    xmlhttp.onreadystatechange=function()
                    {
                        if (xmlhttp.readyState==4 && xmlhttp.status==200)
                        {
                            document.getElementById("commentArea").innerHTML=xmlhttp.responseText;
                        }
                    }
                    xmlhttp.open("GET","getrev.jsp?rev="+str+"&pr=<%=request.getParameter("pid")%>",true);
                    xmlhttp.send(); 
                    document.getElementById("postArea").value = "";
                    document.getElementById("errComment").innerHTML = '';
            
                    return true;
        
                }
                else{
                    document.getElementById("postArea").value = "";
            
                    document.getElementById("errComment").innerHTML = 'Comment input is not valid';
                    //        document.write('<span class="errLog">Login input is invalid. Special characters are not allowed.</span>');
                    return false;
                }
            }
            
            // initialise plugins
            jQuery(function(){
                jQuery('ul.sf-menu').superfish();
            });
           

        </script>
    </head>
    <body class="bg">
        <br/>
        <div class="hmenu">
            <% if (request.getSession(true).getAttribute("username") == null) {%>
            <p style="font-size: 12px; margin-top: -15px; float: right;">If you're not yet a member, sign up <a href="signUp.jsp" class="lin">here!</a> </p>   
            <% }%>
            <img src="images/head.png" style="float: left; margin-left:20px;"/>
            <div class="log">

                <% if (request.getSession(true).getAttribute("username") != null) {%>
                <span>Hello <%=session.getAttribute("username")%>!</span><br>
                <span style="font-weight: normal; font-size: 10px;">You have <%=session.getAttribute("numCart")%> items in your cart.</span>
                <div id="nav">
                    <ul class="top">
                        <li><a href="viewCart.jsp">View Cart</a></li>
                        <li><a href="checkOut.jsp">Checkout</a></li>
                        <li><a href="viewProfile.jsp">Account Details</a></li>
                        <li><a href="LogoutServlet">Log out</a></li>
                    </ul>
                </div>
                <% } else {%>
                <span style="font-weight: bold;">Log in</span>
                <form method="post" action="LoginServlet">
                    <label>Username:</label><input type="text" id="username" name="username"/><br/>
                    <label>Password:</label><input type="password" id="password" name="password"/><br/>
                    <input type="submit" onClick="return LoginValidation()" value="Log in" name="submit"/>
                    <label class="errLog" id="err"></label>
                </form>
                <% }%>
            </div>
            <ul class="sf-menu">
                <li class="current">
                    <a href="index.jsp">Home</a>
                </li>
                <li>
                    <a href="#">Products</a>
                    <ul>
                                        <%
                ResultSet rs = new ProductManager().getProductTypes();
                while(rs.next()){
                %>
                        <li>
                            <a href="products.jsp?prd=<%=rs.getInt("ProductTypeID")%>"><%=rs.getString("ProductType")%></a>
                        </li>
                <%}%>
                    </ul>
                </li>
                <li>
                    <a href="#">Stores</a>
                </li>
                <li>
                    <a href="#">Contact Us</a>
                </li>
                <li>
                    <form action="results.jsp">
                            <input type="text" name="search" placeholder="Enter your search"/>
                            <button type="submit" onClick="return SearchValidation(this.form);">Go</button>
                    </form>
                </li>
            </ul>
        </div>
        <div class="content">
            <%

                Product prd = new ProductManager().getProductDetails(request.getParameter("pid"));

            %>

            <table id="sres" width="800px" cellspacing="0px" margin="0px" cellpadding="0px" align="left" style="margin-top:20px;">

                <tr>
                    <td valign="top">
                        <label class="data">Product ID: </label><span class="info">&nbsp;<%=prd.getProductID()%></span><br/>
                        <label class="data">Title: </label><span class="info">&nbsp;<%=prd.getProductTitle()%> </span><br />
                        <label class="data">Rating: </label><span class="info">&nbsp;<%=prd.getProductRating()%></span><br/>
                        <label class="data">Price: </label><span class="info">&nbsp;<%=prd.getProductPrice()%></span><br/>
                        <label class="data">Synopsis: </label><span class="info">&nbsp;<%=prd.getProductSynopsis()%></span><br/>
                        <a href="CustomerAddtoCart?rd=<%=request.getParameter("pid")%>"><button>Add to Cart</button></a>
                        <hr/>
                    </td>
                </tr>
                <tr>
                    <td colspan="2" style="text-align: center;">
                        <%
                            if (request.getSession(true).getAttribute("username") != null && new ReviewManager().checkIfPurchased(request.getParameter("pid"), (String) session.getAttribute("username"))) {
                        %>
                        <p style="padding-left: 150px; text-align: left; font-weight: bold;">Write a Review</p>
                        <textarea id="postArea" style="width:500px; height:100px; resize:none;"></textarea>
                        <br/>
                        <span class="erMes" id="errComment"></span>
                        <button style="float:right; margin-right: 135px;" onclick="return poscom(document.getElementById('postArea').value)">Enter Review</button>
                        <br/><br/>
                        <% } else {%>
                        <p style="padding-left: 100px; text-align: left; font-weight: bold;">Reviews</p>
                        <% }%>
                        <div id="commentArea">
                            <%
                                try {
                                    ResultSet list = new ReviewManager().getReviews(request.getParameter("pid"));

                            %>
                            <ul id="commentList" style="padding-left: 125px; list-style-type: none; text-align: left;">
                                <%
                                    list.last();
                                    int count = list.getRow();
                                    list.beforeFirst();
                                    if (count == 0) {
                                %> 
                                <li>
                                    No review available.
                                </li>
                                <%                                    }

                                    while (list.next()) {%> 
                                <li><div class="comment"><%=list.getString("ReviewContent")%><br/><span style="font-size: 10px; margin-left: 450px;">by:<%=list.getString("Username")%>, <%=list.getString("DateReview")%> <%=list.getString("TimeReview")%></span></div></li>

                                <% }%>
                            </ul>
                            <%
                                } catch (Exception e) {
                                    e.printStackTrace();
                                }%>
                        </div>
                    </td>
                </tr>
            </table>
        </div>
    </div>
</body>
</html>

